|
For those new to message boards please try to follow a few simple rules when posting your question.- Choose the correct forum for your message. Posting a VB.NET question in the C++ forum will end in tears.
- Be specific! Don't ask "can someone send me the code to create an application that does 'X'. Pinpoint exactly what it is you need help with.
- Keep the subject line brief, but descriptive. eg "File Serialization problem"
- Keep the question as brief as possible. If you have to include code, include the smallest snippet of code you can.
- Be careful when including code that you haven't made a typo. Typing mistakes can become the focal point instead of the actual question you asked.
- Do not remove or empty a message if others have replied. Keep the thread intact and available for others to search and read. If your problem was answered then edit your message and add "[Solved]" to the subject line of the original post, and cast an approval vote to the one or several answers that really helped you.
- If you are posting source code with your question, place it inside <pre></pre> tags. We advise you also check the "Encode "<" (and other HTML) characters when pasting" checkbox before pasting anything inside the PRE block, and make sure "Use HTML in this post" check box is checked.
- Be courteous and DON'T SHOUT. Everyone here helps because they enjoy helping others, not because it's their job.
- Please do not post links to your question into an unrelated forum such as the lounge. It will be deleted. Likewise, do not post the same question in more than one forum.
- Do not be abusive, offensive, inappropriate or harass anyone on the boards. Doing so will get you kicked off and banned. Play nice.
- If you have a school or university assignment, assume that your teacher or lecturer is also reading these forums.
- No advertising or soliciting.
- We reserve the right to move your posts to a more appropriate forum or to delete anything deemed inappropriate or illegal.
cheers,
Chris Maunder
The Code Project | Co-founder
Microsoft C++ MVP
|
|
|
|
|
Apologies for the shouting but this is important.
When answering a question please:
- Read the question carefully
- Understand that English isn't everyone's first language so be lenient of bad spelling and grammar
- If a question is poorly phrased then either ask for clarification, ignore it, or mark it down. Insults are not welcome
- If the question is inappropriate then click the 'vote to remove message' button
Insults, slap-downs and sarcasm aren't welcome. Let's work to help developers, not make them feel stupid.
cheers,
Chris Maunder
The Code Project Co-founder
Microsoft C++ MVP
|
|
|
|
|
I configured my website in IIS to use Windows Authentication, and it works when I don't try to add Authorization Rules.
However, I added an Allow rule to allow only users in the Administrators group, and it gives the below error when attempting to load the page:
HTTP Error 500.19 - Internal Server Error
Quote: Cannot add duplicate collection entry of type 'add' with combined key attributes 'users, roles, verbs' respectively set to ', Administrators, ' This is what my web config looks like:
<security>
<authorization>
<remove users="*" roles="" verbs="" />
<add accessType="Allow" users="" roles="Administrators" />
</authorization>
</security>
Can anyone see what I'm doing wrong?
The difficult we do right away...
...the impossible takes slightly longer.
|
|
|
|
|
That matches the configuration sample in the documentation:
Security Authorization <authorization> | Microsoft Learn[^]
Based on the error, it sounds like you have authorization rules configured further up the hierarchy - either a parent folder, a parent application, or machine-wide. You could try using IIS Manager to look at the configured rules, using the "Authorization Rules" option in the IIS group rather than the ".NET Authorization Rules" in the ASP.NET group.
As a brute-force approach, you could clear the rules first:
<security>
<authorization>
<clear />
<add accessType="Allow" users="" roles="Administrators" />
</authorization>
</security>
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
Thanks, Richard. I didn't realize the multilayered nature of the settings.
I made sure that the settings on the server, website and application were all the same, and now it works.
The difficult we do right away...
...the impossible takes slightly longer.
|
|
|
|
|
My company wants to create an internal portal website as a gateway to our applications that is hosted in an on-premises web server.
I don't want to try to re-invent the identity management, login and authorization process.
Is there any third-party solution that can be integrated with a local website to perform login functionality and user management?
The difficult we do right away...
...the impossible takes slightly longer.
|
|
|
|
|
If it's a Windows server on your local network, why not use integrated / Windows authentication[^]? That way, you don't need to worry about storing or validating the user's credentials.
I generally combine that with a database to map Windows usernames to application-specific roles, with some admin screens to manage the mapping. But if your AD infrastructure is sound, you could potentially use AD group membership to manage access to the site's features, moving all of that admin onto the network administrators instead.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
Thanks Richard. I forgot to mention that this portal will eventually be accessible to clients who are not part of our network.
Are you aware of anything that could work with those types of accounts as well?
The difficult we do right away...
...the impossible takes slightly longer.
|
|
|
|
|
|
Thanks, Richard. That's just the type of guidance I was looking for!
The difficult we do right away...
...the impossible takes slightly longer.
|
|
|
|
|
Every week I get a Dependabot alerts from github about my repositories, but when I go to have github build the needed PR to do the updates, it always fails with the error "/Gemfile.lock not parseable". The file looks good to me, but then I really have no idea what it's supposed to look like. IS there online service that will parse & lint a gemfile and tell me what's wrong with it?
Truth,
James
|
|
|
|
|
You'll probably want to start with the documentation:
Bundler: gemfile[^]
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
I have an Asp.Net MVC API with this controller :
namespace ApiDemo.Controllers
{
[Route("api/[controller]/[action]")]
[ApiController]
public class UsersController : ControllerBase
{
[HttpGet("{id}/{name}/{birthDate}/{isAlive}/{presNo}")]
public IActionResult Get(int id, string name, DateTime birthDate, bool isAlive, int presNo)
{
return StatusCode(200);
}
}
}
When I call this Swagger generates this Request URL:
https:
I don't understand the instances of '%20B' or '%3A22'. They are not always the same. What are these? Where are they coming from?
In theory, theory and practice are the same. But in practice, they never are.”
If it's not broken, fix it until it is.
Everything makes sense in someone's mind.
|
|
|
|
|
It's %20 , not %20B. The %20 is an encoded space character.
The same is true for %3A , not %3A22. The %3A is a colon.
Encoding is required because certain characters are illegal in URLs, like a space or :, unless specified in certain places. For example, a colon is only legal after the protocol and between the hostname and port number.
So, your unencoded URL is:
https:
|
|
|
|
|
OK, so here's another from the same api call:
https:
So how would a client like, say for example a console app, call this? Would the app have to format the URL to convert spaces & colons to look like that??
Thanks!
In theory, theory and practice are the same. But in practice, they never are.”
If it's not broken, fix it until it is.
Everything makes sense in someone's mind.
|
|
|
|
|
|
Thanks!
In theory, theory and practice are the same. But in practice, they never are.”
If it's not broken, fix it until it is.
Everything makes sense in someone's mind.
|
|
|
|
|
I posted on this yesterday, but I haven't made any progress.
I'm just trying to set up a simplet test API. Here's my controller:
[Route("api/user")]
[ApiController]
public class UserController : _ControllerBase
{
public UserController(IConfiguration configuration) :
base(configuration)
{
}
[HttpGet("getById/{id}")]
public IActionResult GetById([FromQuery]int id)
{
try
{
var repo = new Repository(GetDataContext());
var owner = repo.GetById(id);
if (owner is null)
{
return NotFound();
}
else
{
return Ok(owner);
}
}
catch (Exception ex)
{
return StatusCode(500, "Internal server error");
}
}
[HttpGet]
public IActionResult GetAll()
{
try
{
var repo = new Repository(GetDataContext());
var owners = repo.GetAll();
return Ok(owners);
}
catch (Exception ex)
{
return StatusCode(500, "Internal server error");
}
}
[HttpPost]
public IActionResult Test([FromBody]TestEntity testEntity)
{
return StatusCode(200);
}
}
I can call the first two methods, GetAll and GetById like this:
https:
and
https:
and they both return data. But this gives me a Not Found error
[HttpPost]
public IActionResult Test([FromBody]TestEntity testEntity)
{
}
called using Postman like this:
https:
Questions
First, I'm not even sure I have the controller methods set up right. I don't really understand when/why to use the various attributes such as [FromBody] & [FromQuery]. I'm slowly learning by I may have it wrong here.
If I'm passing an object, as opposed to say an int, what should the method signature look like? Do I use FromBody or FromQuery? My Google searches return many different results. What would the correct syntax look like?
Second, the way I'm passing params, seperated by '/' seems wrong. Shouldn't the call to the API look something like this?
https:
Am I doing something wrong here?
In theory, theory and practice are the same. But in practice, they never are.”
If it's not broken, fix it until it is.
Everything makes sense in someone's mind.
|
|
|
|
|
Kevin Marois wrote: called using Postman like this:
https:
Aside from the syntax error in your JSON (no quotes around the name value), that doesn't look like a valid POST request to me.
In Postman, the method should be set to POST , and the JSON should be in the body, not the URL.
Send parameters and body data with API requests in Postman | Postman Learning Center[^]
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
OK, but do I have the method set up correctly?
In theory, theory and practice are the same. But in practice, they never are.”
If it's not broken, fix it until it is.
Everything makes sense in someone's mind.
|
|
|
|
|
The method looks OK, although you shouldn't really need the [FromBody] attribute.
For ASP.NET Core:
Route data and query string values are used only for simple types.
If you're still using WebAPI 2 in .NET Framework:
To force Web API to read a simple type from the request body, add the [FromBody] attribute to the parameter:
In either case, your parameter is not a "simple type", so it should be bound from the request body by default.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
OK, but even when I pass it in Postman from body, it still fails to find it. I'm not sure what's wrong
In theory, theory and practice are the same. But in practice, they never are.”
If it's not broken, fix it until it is.
Everything makes sense in someone's mind.
|
|
|
|
|
OK, so I'm still having some issues.
I created a new API and enabled Swagger. I added this controller method to the default out of the box WeatherForecastController:
[HttpPost("GetPersonInfo/{entity}")]
public IActionResult GetPersonInfo(PersonEntity person)
{
return StatusCode(200, $"{person.Id}: {person.Name}");
}
When I run it, and click the Try It Out button, I enter
{
"id": 135,
"name": "Jack Smith"
}
in the Body field and click Execute, and it works. I get back
135: Jack Smith
But when I go to Postman, and fill in the sample Json in the Body tab
{ "id": 135, "name": "Jack Smith"}
and call it
https:
I get a 404.
That's the URL right out of swagger and the body I used. Any idea what this doesn't work in Postman?
In theory, theory and practice are the same. But in practice, they never are.”
If it's not broken, fix it until it is.
Everything makes sense in someone's mind.
modified 21-Apr-24 18:39pm.
|
|
|
|
|
Kevin Marois wrote: [HttpPost("GetPersonInfo/{entity}")]
Assuming you're passing the JSON in the POST body, you shouldn't have the {entity} parameter as part of the route template.
Given the current route template, it looks like you're trying to pass the request body in the URL, which is the wrong thing to do.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
I'm trying to learn ASP.Net MVC Core API. I think I'm doing the routing wronge.
I have a UserController:
namespace Falcon.API.Controllers
{
[Route("api/user")]
[ApiController]
public class UserController : _ControllerBase
{
public UserController(IConfiguration configuration) :
base(configuration)
{
}
[HttpGet("getById/{id}")]
public IActionResult GetById(int id)
{
try
{
var repo = new Repository(GetDataContext());
var owner = repo.GetById(id);
if (owner is null)
{
return NotFound();
}
else
{
return Ok(owner);
}
}
catch (Exception ex)
{
return StatusCode(500, "Internal server error");
}
}
[HttpGet]
public IActionResult GetAll()
{
try
{
var repo = new Repository(GetDataContext());
var owners = repo.GetAll();
return Ok(owners);
}
catch (Exception ex)
{
return StatusCode(500, "Internal server error");
}
}
[HttpGet("login/{username}/{password}")]
public IActionResult Login(string userName, string password)
{
try
{
var repo = new UserRepository(GetDataContext());
var owner = repo.Login(userName, password);
if (owner is null)
{
return NotFound();
}
else
{
return Ok(owner);
}
}
catch (Exception ex)
{
return StatusCode(500, "Internal server error");
}
}
}
}
When I call it, I'm doing this:
public async Task Login(string userName, string password)
{
UserEntity results = null;
var url = $"https:// localhost:5001/api/User/Login/{userName}/{password}";
using (var httpClient = new HttpClient())
{
using (var response = await httpClient.GetAsync(url))
{
string apiResponse = await response.Content.ReadAsStringAsync();
results = JsonConvert.DeserializeObject(apiResponse);
}
}
return results;
}
This works. It calls the GetAll
https:
This works when calling GetById
https:
This does NOT work. I get a not found
https:
Can someone tell me what's wrong?
In theory, theory and practice are the same. But in practice, they never are.”
If it's not broken, fix it until it is.
Everything makes sense in someone's mind.
|
|
|
|
|